National Cyber Awareness System

Vulnerability Summary for CVE-2006-1188

Overview

Microsoft Internet Explorer 5.01 through 6 allows remote attackers to execute arbitrary code via HTML elements with a certain crafted tag, which leads to memory corruption.

Impact

CVSS Severity (version 2.0 upgrade from v1.0):

CVSS Version 2 Metrics:

References to Advisories, Solutions, and Tools

By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about this page to nvd@nist.gov.

US-CERT Vulnerability Note: VU#824324

Name: VU#824324

Type: Patch Information

Hyperlink:http://www.kb.cert.org/vuls/id/824324

US-CERT Technical Alert: TA06-101A

Name: TA06-101A

Hyperlink:http://www.us-cert.gov/cas/techalerts/TA06-101A.html

External Source: MS

Name: MS06-013

Type: Patch Information

Hyperlink:http://www.microsoft.com/technet/security/bulletin/ms06-013.mspx

External Source: VUPEN

Name: ADV-2006-1318

Hyperlink:http://www.vupen.com/english/advisories/2006/1318

External Source: BUGTRAQ

Name: 20060525 [BuHa-Security] MS06-013: HTML Tag Memory Corruption Vulnerability in MS IE 6 SP2

Hyperlink:http://www.securityfocus.com/archive/1/archive/1/435096/30/4710/threaded

External Source: SECTRACK

Name: 1015900

Hyperlink:http://securitytracker.com/id?1015900

External Source: SECUNIA

Name: 18957

Hyperlink:http://secunia.com/advisories/18957

US Government Resource: oval:org.mitre.oval:def:1773

Name: oval:org.mitre.oval:def:1773

Type: Tool Signature

Hyperlink:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:1773

US Government Resource: oval:org.mitre.oval:def:1296

Name: oval:org.mitre.oval:def:1296

Type: Tool Signature

Hyperlink:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:1296

US Government Resource: oval:org.mitre.oval:def:1290

Name: oval:org.mitre.oval:def:1290

Type: Tool Signature

Hyperlink:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:1290

US Government Resource: oval:org.mitre.oval:def:1144

Name: oval:org.mitre.oval:def:1144

Type: Tool Signature

Hyperlink:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:1144

References to Check Content

Identifier:oval:org.mitre.oval:def:1144

Check System:http://oval.mitre.org/XMLSchema/oval-definitions-5

Hyperlink:http://oval.mitre.org/repository/data/DownloadDefinition?id=oval:org.mitre.oval:def:1144

Identifier:oval:org.mitre.oval:def:1290

Check System:http://oval.mitre.org/XMLSchema/oval-definitions-5

Hyperlink:http://oval.mitre.org/repository/data/DownloadDefinition?id=oval:org.mitre.oval:def:1290

Identifier:oval:org.mitre.oval:def:1773

Check System:http://oval.mitre.org/XMLSchema/oval-definitions-5

Hyperlink:http://oval.mitre.org/repository/data/DownloadDefinition?id=oval:org.mitre.oval:def:1773

Identifier:oval:org.mitre.oval:def:1296

Check System:http://oval.mitre.org/XMLSchema/oval-definitions-5

Hyperlink:http://oval.mitre.org/repository/data/DownloadDefinition?id=oval:org.mitre.oval:def:1296